Speech by Minister of State Werner Hoyer at the tenth Berlin Security Conference, 8 November 2011

- Translation of advance text-

---------------------------------------

The immediate existential threat posed by Soviet nuclear weapons, a threat which dominated the Cold War world, is a thing of the past. Also relegated to history are the clearly defined fronts and the possibility of unambiguously localizing the dangers. Less and less is the threat scenario facing us now characterized by monocausal connections in keeping with the simple “action and reaction” pattern.

But those who occasionally long with a proper degree of nostalgia for the simple logic of that era are deluding themselves.

Because neither the extent nor the destructive power of any single one of the challenges to our security today can be compared with the thousands of nuclear warheads which, had it come to an open conflict between NATO and the Warsaw Pact, would have made Europe forever uninhabitable.

The nuclear balance of terror was a threat to the very foundation of our existence, a threat unprecedented in the history of humanity. Overcoming the antagonism between East and West was therefore one of the outstanding achievements of international politics. It is impossible to overestimate how important this increased security was for the people of Europe.

The challenges facing Europe’s security in the 21st century cannot be summed up anywhere near as neatly as those which confronted us during the Cold War. The new threats are highly complex, diverse and in some cases amorphous.

NATO’s new Strategic Concept, adopted in November 2010, contains a list of security-policy problems to which we must find answers. These include the proliferation of weapons of mass destruction and their delivery systems, terrorism, organized crime, cyber attacks, energy and resource security, environmental protection and security of supply, as well as the security implications of new technologies.

The shift in the security environment had generally non-military origins and can often be attributed to various causes, some of them in the ecological, economic and social spheres. Moreover, many of the players are non-state bodies acting asymmetrically.

That’s why new security solutions need to look at various different aspects. These developments have led to security being increasingly networked. Given the global nature of the challenges, moreover, it is obvious that they cannot be met by NATO, the EU or any other international organization acting alone.

I would like to take a closer look at two of the new security challenges I mentioned a moment ago: cyber security and energy security.

Cyberspace is both a new medium and a new instrument. A threat analysis must therefore also take account of the fact that espionage, sabotage, deception or manipulation – all things we know from the real world – can now also happen in cyberspace, perhaps taking on a new quality.

The new cyber attacks – attacks which are relevant to security policy – are no longer being carried out by individual hackers. Mainly they are being carried out by state actors, armed forces and intelligence agencies. Data networks are both the medium for attacks, on critical infrastructure for instance, and the targets, because they have themselves become critical infrastructure.

As yet we do not understand the cyber threat well enough to be able to counter it completely. The international community is facing the difficult challenge of adapting tried-and-tested confidence and security-building concepts to the cyber dimension and of bringing them to fruition. International controls and legal standards of conduct also need to be adapted.

In some respects the cyber issue presents international policymaking today with similar challenges to those nuclear weapons used to throw up. It is a matter of establishing a framework of political, legal and moral standards to put the brakes on the technical possibilities so as to minimize risks.

There are several reasons why cyber attacks are an attractive weapon in the arsenals of armies and secret services. For one thing it is easy to hide the origin of attacks, by covering up or manipulating trails. It is impossible, or at least very difficult, to identify aggressors on the Internet.

This unattributability cuts the costs for the attacker, as he doesn’t automatically need to reckon with reprisals or other sanctions. The anonymity of virtual space allows him to carry out as many hidden attacks as he wants, until one succeeds.

Also, it is very difficult to separate useful and harmful identifiers in cyberspace. Attackers use the same data identifiers as ordinary commercially available applications. That makes it hard to uncover and identify them.

This lack of attributability gives rise to a danger of misunderstandings and escalations which might have serious consequences: some of our Allies have made it clear that they would react no less robustly to a cyber attack than to a conventional attack. But even if it is possible to identify the origin of an attack in one particular state, that doesn’t mean the actual attacker has been localized there. It is quite conceivable that a third state or a terrorist organization might lay a false trail in order to drive a wedge between states or trigger misplaced reactions.

For another thing, cyberspace enables a huge effect to be generated from a modest input. Even if the technical preparations for an attack are considerable, the potential damage is much greater. So at present the cost-benefit analysis still rather favours the attacker.

Successful defence against cyber attacks has to be based on networked action. As about 90% of all digital data networks in Germany are in the hands of private operators, the German Government and the business world must and will cooperate very closely in future to ensure cyber security.

In order to optimize the operative cooperation of all government agencies and to better coordinate protective and defence measures against cyber attacks, we have already set up a National Cyber Response Centre.

The aim now must be to bring about a similar level of coordination at international level, for instance by agreeing generally accepted rules of conduct for state actors in cyberspace and promoting close cooperation in securing national networks. Because a network is only ever as secure as each of its individual members.

NATO’s new Strategic Concept classifies cyber security as one of the central challenges for the future. The heart of the Alliance’s Policy on Cyber Defence is the protection of NATO owned networks.

It is equally important to take account of cyber security issues all across the NATO spectrum, as well as to engage in cooperation with other international organizations and partner states. The Allies support the development of international codes of conduct in cyberspace.

The European Council first identified cyber as a security threat back in 2008. At the end of 2010 the European Commission announced that improving standards of security for Internet use was a main focus. Since then, various initiatives have been launched to harmonize legislation in the fight against cyber crime and various instruments to protect critical infrastructure have been put in place.

Just a few days ago, the European Network and Information Security Agency ENISA, together with the US Department of Homeland Security, carried out the first transatlantic cyber security exercise. Using simulated crisis scenarios, the one-day Cyber Atlantic 2011 exercise looked into how the EU and US could cooperate in the event of cyber attacks on critical network infrastructure.

However, we must not allow these threat scenarios from cyberspace to blind us to one important fact: the Internet is a powerful instrument for economic development and for individual emancipation. By reducing or maybe even minimizing the risks, we are ensuring that these positive qualities of the Internet can continue to have their full impact in future.

The rising number of hacker attacks on government systems and the networks of state and non-state actors has led to the development of ever more sophisticated protective and defence mechanisms. But it would be sending the wrong signal to sit back and relax. Because the IT sector is more dynamic than any other. So there must be no let-up in the efforts to guarantee cyber security in all its aspects.

Access to energy resources and other raw materials is key to success for our industries and is playing an ever increasing role in our bilateral and multilateral relations. Furthermore, Germany can only succeed in its aim of shifting to green energy and a carbon-free economy if sufficient quantities of raw materials for the manufacture of high-tech products are available.

There are three key developments to be borne in mind when formulating our foreign policy on raw materials:

1. The demand for raw materials is growing rapidly. Demands for gallium, for instance, which is used in the production of solar cells and light-emitting diodes, could grow 20 fold by 2030. Demand for other metals too will increase substantially in the coming years.

2. The growing demand is already resulting in rising prices – partly as a consequence of speculation, which has now hit this area too. In 2010 alone, raw material prices in euros rose by more than 30%. In the case of non-energy raw materials, the hike was more than 40%.

3. Access to key high-tech raw materials is becoming more difficult. Extraction of rare earths or lithium is concentrated on just a few countries. What’s more, an increasing number of countries rich in raw materials are giving priority to supplying their domestic industry rather than to exports. What does that mean for German companies? Access to raw materials is getting more difficult and more expensive.

Along with our partners in the EU we are calling for free tradability of raw materials on transparent markets. At the same time, as part of our foreign policy on raw materials, we are looking for new forms of cooperation with major raw materials producers and buyers.

In doing so, we regard cooperation on raw materials as a springboard to closer coordination in other areas as well; we want to set up broad-based raw materials partnerships and create a win-win situation through technology transfers, the modernization of the raw materials sector or the establishment of processing industries in the partner country.

The subject of resource security has long been on the agenda of the EU, WTO, G8, G20 and the United Nations. In this context it’s quite clear: exactly like with energy, we don’t want raw materials to become an instrument of power projection. We want cooperation, not confrontation.

NATO too has taken up this topic and regards the protection of energy transport and energy transit routes to secure the supply of “global commons” as a new strategic challenge.

The growing dependence of many NATO member states on foreign energy suppliers and distribution networks means that the number and scope of global supply routes is constantly increasing. This at the same time makes them more susceptible to terrorist attacks or criminal activity.

The prime goal of the fight against piracy in the Horn of Africa – which is being led by both the EU, with Operation ATALANTA, and NATO, with Operation OCEAN SHIELD – is to secure humanitarian aid for the suffering people of Somalia. At the same time, however, both missions also serve to secure strategically important, but highly vulnerable, trading and supply routes and thus to ensure energy and resource security, as the pirates also attack these transports.

The examples I have mentioned demonstrate that the shape and substance of security policy at the beginning of the 21st century cannot be compared with the structures and threats at the outset of the Cold War.

Today’s challenges are not easier: they are more complex, more multilayered, and highly interlinked. We need to find viable responses. NATO and the EU have only just begun to implement new concepts. The subject is one that will be occupying us for years and decades to come.